ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.63k stars 504 forks source link

:seedling: Bump sigs.k8s.io/release-utils from 0.8.3 to 0.8.4 #4278

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps sigs.k8s.io/release-utils from 0.8.3 to 0.8.4.

Release notes

Sourced from sigs.k8s.io/release-utils's releases.

v0.8.4

Changes by Kind

Feature

  • K-sigs/release-utils now has an automated release workflow and publishes an SBOM (#110, @​puerco) [SIG Release]
  • Release-utils now has a new throttle package forked from nozzle/throttle (#108, @​puerco) [SIG Release]
  • The http.Agent now has *Group variants of its functions to support parallel fetching o lists of URLs. (#107, @​puerco) [SIG Release]
  • The util package has a new convenience function util.IsDir() to detect if a path is a directory. (#109, @​puerco) [SIG Release]

Other (Cleanup or Flake)

Dependencies

Added

  • github.com/nozzle/throttler: 2ea9822

Changed

Nothing has changed.

Removed

Nothing has changed.

Commits
  • 0790ab4 Merge pull request #110 from puerco/release-workflow
  • 943a605 Merge pull request #111 from puerco/revert-throttle
  • 9545115 Move http package to nozzle/throttler
  • 337176b Revert fork of nozzle/throttler
  • 9670e44 Add SBOM generation to releases
  • 61086f6 Merge pull request #107 from puerco/parallel-http
  • b6576e7 Parallelize tests and do not retry
  • 18dab2e Improve post tests to actually check returns
  • 9c49082 Mark http.GetURLResponse as deprecated
  • 1cd03a3 HTTP Group: Add documentation and example
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @spencerschrock.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)